Lead - Information Security & Business Continuity at Airtel Nigeria
Airtel Nigeria (Airtel Networks Limited) is a leading telecommunications services provider in Nigeria headquartered in Lagos, the commercial nerve-centre of Nigeria. The telco ranks amongst the top four mobile service providers in terms of subscribers with a customer base of more than 39.8 million. The company's product offerings include 2G, 3G and 4G wireless services, mobile commerce and enterprise services.
We are recruiting to fill the position below:
Job Title: Lead - Information Security & Business Continuity
Location: Lagos, Nigeria
Purpose of the Job
- Bharti Airtel intends to protect its business sensitive information by implementing the controls pertaining to People, Process and Technology. These are achieved by implementing information security policies, procedures and practices within various business processes, product/services and employee activities across all functions and lines of business.
- This job is required to ensure the on-ground enforcement and continual monitoring of security operations within all Airtel functions, strategic partners and other third parties in the defined OpCos.
- It encompasses security operations within Data Centers, providing support for managed security services and New Product Development (NPD); supporting business and technology teams by evaluating security related aspects of critical services such as Airtel Money; assessment of the solutions and services platform ; monitoring of ongoing IT & NW security projects; application security; facilitating Internal and External IT audits & helping the operations team during on-ground closure of the audit observations.
- Carry out investigations and forensics; assessment of the risks that may lead to breach of confidentiality and business disruptions; implementing process/technology controls to mitigate the identified risks; closely interacting with respective security heads in other OpCos; reviewing fraud management activities done by operations teams.
- Collaborating with functions to roll-out security policies and procedures; ensuring availability of appropriate security IM, GSDs, and system-level implementation procedures in association with system-owners; owning the responsibility of ensuring ISMS implementation and successful certification (ISO 27001 or 22301) once undertaken in the Airtel locations.
- Reviewing functional implementation of security through ISWG and respective function heads within OpCos.
- Mitigation of the risks that may arise out of Third Parties and eventually ensuring compliance to BTSP; preparing the dashboards for top management review
- Managing the OpCo-wide security override function, according central security approvals after evaluating associated risks; supporting BCP/DR activities; ensuring implementations of security controls at the critical processing areas such as shared services; monitoring compliance artefacts supporting partner security SLAs; and institutionalizing Customer Privacy Framework.
Skills and Qualifications
- Graduate Degree
- BSc Computer Science/Technology/Engineering or related discipline
- Security Certification preferred (e.g. CISA, CISSP, CEH, etc.)
- 10 to 15 years relevant experience
- Should have adequate experience in handling large and complex projects
- Should be familiar with the contents of relevant Government Acts and Guidelines in the Information Technology domain.
- Excellent knowledge of information security frameworks such as COBIT.
- Knowledge and experience in the preparation of asset registers, conduct of risk assessments and in the preparation and implementation of risk treatment plans.
- Knowledge of the latest trends, technology developments, tools and methodologies in the IS Risk Management arena.
- Experience in handling geographically spread teams with proven team leadership skills.
- The ideal candidate should have excellent knowledge of Information Security standards, policies, controls and structures prevalent in the telecom industry along with Africa operating environment.
- Extensive experience in handling information security operations or consulting for large and geographically dispersed organizations.
- A high-level appreciation of Security Architecture and Infrastructure across application, middleware, OS and network domains
- Experience in operational and strategic information security risk management.
- Should have adequate knowledge of the ISO 27001 Standard.
- A detailed understanding of systems design and systems development methodologies is required.
How to Apply
Interested and qualified candidates should:
Click here to apply